Section 2 - Lesson 12

Question 1

Accounting

Answer 1

All user activities are recorded

Question 2

What are goals of accounting

Answer 2

Audit Trail, Regulatory Compliance, Forensic Analysis, Resource Optimizations, User Accountability

Question 3

What actions should be tracked

Answer 3

Logging into the system, accessing files, modifying configuration, downloading or installing software, attempting unauthorized actions on systems and networks

Question 4

Audit Trail

Answer 4

Chronological record of user activities

Question 5

Forensic Analysis

Answer 5

Help cybersecurity specialists understand what happened, how it happened and how to prevent in future

Question 6

What is used for it?

Answer 6

Syslog servers, Network analysis tools, SIEMs

Question 7

What is SIEM?

Answer 7

Security Information and Event Management Systems

Question 8

Syslog Servers

Answer 8

Used to aggregate logs from various network devices and systems so that system administrators can analyze them to detect patterns or anomalies in the organization’s systems

Question 9

Network Analyzers

Answer 9

Like Wireshark. Used to capture and analyze network traffic to gain detailed insights into all the data moving within a network

Question 10

SIEMs (what are used for)?

Answer 10

Real-time analysis of security alerts generated by various hardware and software infrastructures in organization